Creators of Snapchat have broken their silence and responded to the hack which exposed details of 4.6 million users including usernames, partially redacted phone numbers and location.
Snapchat said that the hackers abused its Find Friends feature of the messaging service, which it had already acknowledged earlier, and indirectly put the blame on the group that fully disclosed its API stating that the release “it easier for individuals to abuse our service and violate our Terms of Use.”
“On New Years Eve, an attacker released a database of partially redacted phone numbers and usernames. No other information, including Snaps, was leaked or accessed in these attacks”, Snapchat wrote in a blog post.
Snapchat also revealed that they will be updating their app such that once the users have verified their phone numbers they will be able to opt out of the Find Friends feature. Further, the rate limiting will also be improved along with other restrictions to ensure that the feature isn’t abused in future said Snapchat.
It seems that the photo messaging service has heeded to the advice of the hackers and has provided a means for security researchers to contact the service and report any vulnerability they find.
“We want to make sure that security experts can get ahold of us when they discover new ways to abuse our service so that we can respond quickly to address those concerns.” Snapchat has provided a dedicated email address. We won’t be publishing the email address to reduce abuse.
